Keyword: malware

For the second day in a row, I have gotten a strange security warning when trying to enter the National Review website. It warns me of spyware, gives me a phone number to call, and even has a voice message. I have not found a way to escape that message short of shutting down my computer. It seems to be a fake security warning. Has anyone else encountered this problem? If so, do you know what is going on and what to do about it? Thanks.

FireEye's Mandiant found that the average data breach was discovered in 205 days, dropping from 229 days (2013) and 243 days (2012). Enterprises were only able to self-detect 31 percent of breaches, with third-parties and the government helping identify cybersecurity incidents. Companies are becoming more vigilant in detecting cybercrime-related activity, such as credit card companies noticing fraudulent behavior. "Over the last several years, organizations like the Federal Bureau of Investigation (FBI) have gotten increasingly involved in notifying US businesses that they have been identified as being compromised," said Ryan Kazanciyan, technical director at Mandiant, in a statement to eWEEK....

[Image: Sinister Circuit Board, Peter Shanks via Flickr, CC BY 2.0] In late summer of 2006, the Japanese division of McDonald's decided to run a new promotion. When customers ordered a Coca-Cola soft drink, they would receive a cup with a code. If they entered that code on a designated website and were among 10,000 lucky winners, they would receive an MP3 player pre-loaded with 10 songs. Cleverly constructed, the promotion seemed destined for success. Who doesn't like a Coke and a free MP3 player? But there was one problem the marketers at McDonald's could not anticipate: In addition to 10...

The Internet is lighting up with warnings about Superfish, an adware program that came preinstalled on many Lenovo laptops in the past six months. Like a lot of the bloatware that comes on new computers, Superfish exists to help push advertising, not to serve any real consumer need. That would be annoying enough, but Superfish seriously undermines the user's safety, according to many security experts. Superfish is a piece of third-party software that Lenovo installed to, as it says in its apology to consumers, enhance the shopping experience. That means it's meant to help advertisers target potential customers. But security...

Lenovo Has Been Selling Laptops with Malware Pre-Installed. Computer maker Lenovo has been shipping laptops prepackaged with malware that makes you more vulnerable to hackers - all for the sake of serving you advertisements. Made by a company called Superfish, the software is essentially an Internet browser add-on that injects ads onto websites you visit. Besides taking up space in your Lenovo computer, the add-on is also dangerous because it undermines basic computer security protocols. That's because it tampers with a widely-used system of official website certificates. That makes it hard for your computer to recognize a fake bank website,...

The malware reprograms the hard drive's firmware, creating hidden sectors on the drive that can only be accessed through a secret API (application programming interface). Once installed, the malware is impossible to remove: disk formatting and reinstalling the OS doesn't affect it, and the hidden storage sector remains. "Theoretically, we were aware of this possibility, but as far as I know this is the only case ever that we have seen of an attacker having such an incredibly advanced capability," said Costin Raiu, director of Kaspersky Lab's global research and analysis team, in a phone interview Monday.

When hackers steal money from banks, they usually go for Bonnie and Clyde attacks, taking whatever they can take in a single grab, one Kaspersky executive told The New York Times, as the security research discovered a different type of bank cyber heist, one likened to Ocean's Eleven in terms of planning, but also when it comes to the significant amount of stolen cash. Following a well planned operation, that involved months of spying through the use of sophisticated software, unknown hackers originating from Russia, China and Europe managed to steal at least $300 million from a large number of...

In a report to be published on Monday, and provided in advance to The New York Times, Kaspersky Lab says that the scope of this attack on more than 100 banks and other financial institutions in 30 nations could make it one of the largest bank thefts ever - and one conducted without the usual signs of robbery. The Moscow-based firm says that because of nondisclosure agreements with the banks that were hit, it cannot name them. Officials at the White House and the F.B.I. have been briefed on the findings, but say that it will take time to confirm...

Microsoft released their latest Patch Tuesday. This Patch includes a fix for vulnerability CVE-2015-0057, an IMPORTANT-rated exploitable vulnerability which we responsibly disclosed to Microsoft a few months ago. As part of our research, we revealed this privilege escalation vulnerability which, if exploited, enables a threat actor to gain complete control of a Windows machine. In other words, a threat actor that gains access to a Windows machine (say, through a phishing campaign) can exploit this vulnerability to bypass all Windows security measures, defeating mitigation measures such as sandboxing, kernel segregation and memory randomization. Interestingly, the exploit requires modifying only a single...

Thousands of WordPress Sites Affected By Zero-Day Exploit. Thanks to a vulnerability in a WordPress plug-in, thousands of websites are at risk of being exploited. The flaw exists in Fancybox, a popular image displaying tool, through which Sucuri researchers say malware or any other script can be added to a vulnerable site. "It's being actively exploited in the wild, leading to many compromised websites," the researchers wrote.

The MagSafe2 port, from left, two Thunderbolt ports, a USB 3 port and headphone port (top), SDXC Cardslot, HDMI port, and USB 3 port (bottom), on Apple's MacBook Pro. Similar image from Apple Inc. substituted for original Getty Image on article site. According to a recent security presentation, attackers could infect Macintosh computers with a special kind of malware using the computer's Thunderbolt port. The attack, dubbed Thunderstrike, was showcased by security researcher Trammell Hudson at the Chaos Communications Congress in Germany. Hudson is well known in the security community, particularly for his work reverse-engineering various devices and systems....

Cyber attack on Angela Merkel aide: Report The German chancellor's office has fallen victim to a hacking attack, according to a German newspaper. The Regin malware in question has been linked to British and US spy agencies.

Researchers at Check Point have discovered a serious security vulnerability affecting at least 12 million leading-brand home and SME routers that appears to have gone unnoticed for over a decade. Dubbed the Misfortune Cookie flaw, the firm plans to give a detailed account of the issue at a forthcoming security conference but in the meantime it's important to stress that no real-world attacks using it have yet been detected. That said, an attacker exploiting the flaw would be able to monitor all data travelling through a gateway such as files, emails and logins and have the power to infect connected...

In February, Iranian hackers took down the computer system of gambling magnate Sheldon Adelson's casino empire, wiping hard drives clean and shutting down email. Las Vegas Sands, the world's largest gaming company, was devastated by the attack. But until a Bloomberg Businessweek report Thursday night, the company had never revealed the extent of the hack. Coming months before the recent hack on Sony Pictures, the hit on Sands is now believed to be the first major destructive cyberattack on a U.S. business, although there are likely others that have gone unreported. From the instant the offensive started, Las Vegas Sands...

Details Emerge on Malware Used in Sony Hacking Attack December 2, 2014, 7:31 AM PST By Arik Hesseldahl New details have emerged about the hacking attack against Sony Pictures Entertainment, the motion picture studio which last week came under a withering digital siege that investigators say may have originated from North Korea. Late Monday the FBI issued a confidential five-page warning to U.S. businesses concerning malicious software, or malware, used to carry out destructive attacks. The warning did not name Sony as a victim of the malware, though it is said to be a direct response to the breach at...

For the past two years, a team of Iranian hackers has compromised computers and networks belonging to over 50 organizations from 16 countries, including airlines, defense contractors, universities, military installations, hospitals, airports, telecommunications firms, government agencies, and energy and gas companies. The attacks have collectively been dubbed Operation Cleaver after a string found in various malware tools used by the hacker group, which is believed to operate primarily out of Tehran. "We discovered over 50 victims in our investigation, distributed around the globe," said researchers from IT security firm Cylance in an extensive report released Tuesday. "Ten of these victims...

The FBI warned U.S. businesses that hackers have used malicious software to launch destructive attacks in the United States, following a devastating cyberattack last week at Sony Pictures Entertainment. The five-page, confidential "flash" warning issued to businesses late on Monday provided some technical details about the malicious software that was used in the attack, though it did not name the victim. An FBI spokesman declined comment when asked if the software had been used against the California-based unit of Sony Corp. The Sony attack resulted in five films being leaked online, including the updated version of "Annie." In the attack...

All of the dozen different "doorbuster" Android tablets Bluebox examined were found to include unpatched Android vulnerabilities including Masterkey, FakeID, Heartbleed and Futex, while more than a quarter were sold with security misconfigurations or active backdoors installed. Bluebox discovered Android's Masterkey "zombie botnet" vulnerability last year and detailed FakeID super malware earlier this summer. While Google has released patches for both flaws - in addition to Android's Heartbleed and Futex bugs - the fact is that major retailers are actively promoting new Android products that still harbor these unpatched vulnerabilities. Several devices also ship with remote exploits wide open, block access to Google Play...

E-cigarettes may be better for your health than normal ones, but spare a thought for your poor computer - electronic cigarettes have become the latest vector for malicious software, according to online reports. Many e-cigarettes can be charged over USB, either with a special cable, or by plugging the cigarette itself directly into a USB port. That might be a USB port plugged into a wall socket or the port on a computer - but, if so, that means that a cheap e-cigarette from an untrustworthy supplier gains physical access to a device. A report on social news site Reddit...

DICKSON, Tenn., - A Tennessee sheriff's department said it paid more than $500 ransom to release files locked away by malicious software accidentally downloaded into the system. Detective Jeff McCliss, IT director for the Dickson County Sheriff's Office, said the "Cryptowall" program was installed into the department's computer system in late October when someone streaming local radio station WDKN accidentally clicked on a rotating ad that had been infected with the malware. McCliss and Sheriff Jeff Bledsoe said Cryptowall put a lock on the department's case folder and demanded $572 worth of anonymous online currency Bitcoins to unlock the files....

Security provider FireEye (FEYE) is cautioning that an opening in Apple's (AAPL) iOS leaves most iPhones and iPads vulnerable to hackers attempting to swap installed, trusted applications for rogue software capable of stealing sensitive and confidential information from the user. FireEye first reported the bug to Apple in late July, dubbing the way it infiltrates iOS 7.1.1 and later devices (including the most recent iOS 8 and iOS 8.1 updates), a Masque Attack. The hack requires users first click on a malicious link included in an email or text message that targets the location of the malware download, tricking users...

Researchers have warned that a bug in Apple Inc's (AAPL.O) iOS operating system makes most iPhones and iPads vulnerable to cyber attacks by hackers seeking access to sensitive data and control of their devices. Cybersecurity firm FireEye Inc (FEYE.O) published details about the vulnerability on its blog on Monday, saying the bug enables hackers to access devices by persuading users to install malicious applications with tainted text messages, emails and Web links. The malicious application can then be used to replace genuine, trusted apps that were installed through Apple's App Store, including email and banking programs, with malicious software through...

A destructive Trojan Horse malware program has penetrated the software that runs much of the nations critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security. National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat. The hacked software is used to control complex industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. Shutting down or damaging any of these...

For most of the iPhone's lifespan, it's been effectively immune to malware. There were theoretical attacks and viruses targeting jailbroken phones, but thanks to the tight controls of the App Store, finding iOS malware in the wild has been nearly impossible. If you didn't jailbreak your phone and you weren't targeted by the NSA, you simply didn't have to worry about catching a virus. Yesterday, that changed. A security firm called Palo Alto Networks discovered a malware program they're calling Wirelurker, which sneaks into computers through unauthorized Chinese apps, then attacks iOS devices when they connect over USB. It's an...

A relatively long-standing vulnerability in OS X has been uncovered by a Swedish hacker, Emil Kvarnhammar, who has dubbed it rootpipe by the so-far undisclosed method in which it can be used to take control of your Mac. In this vulnerability, a flaw allows a hacker to gain administrative access of a system without supplying a password, and then be able to interact with your Mac as an administrator. In an interview with MacWorld, Kvarnhammar describes this bug as having been present in OS X 10.8.5, but he was not able to replicate it in 10.9; however, Apple has shuffled...

A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services. Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the-middle attack. Downloading any kind of file from the Internet is a dodgy proposition these days, and many...

October is stacking up to be a bumper Patch Tuesday update with nine bulletins lined up for delivery - three rated critical. Cloud security firm Qualys estimates two of the lesser "important" bulletins are just as bad however, as they would also allow malicious code injection onto vulnerable systems. Top of the critical list is an update for Internet Explorer that affects all currently supported versions 6 to 11, on all operating systems including Windows RT. Vulnerabilities discovered in most versions of Windows Server, Windows 7 and 8, and the .NET framework are covered in the other pair of critical...

EDINA, MINN. - International Dairy Queen, Inc. today confirmed that the systems of some DQ® locations and one Orange Julius® location in the U.S. had been infected with the widely-reported Backoff malware that is targeting retailers across the country. The company previously indicated that it was investigating a possible malware intrusion that may have affected some payment cards used at certain DQ locations in the U.S. Upon learning of the issue, the company conducted an extensive investigation and retained external forensic experts to help determine the facts. Because nearly all DQ and Orange Julius locations are independently owned and operated,...

SECURITY OUTFIT MALWAREBYTES has warned of a malvertising attack that appears to be part of a large scale, ongoing campaign affecting a number of popular websites such as Last.fm. Users are getting infected by the exploit kit that is hidden in online ads, which means they probably don't even know the payload is on their computer. Malwarebytes said The Times of Israel and The Jerusalem Post were affected by the same attack campaign and looking further into it discovered "it is much bigger" than first thought because it involves doubleclick.net, a subsidiary of Google for online ads, and Zedo, a...

Got a google malware report when I opened a FR thread on 'U.S. Submarines: Run Silent, Run Deep...On Diesel Engines?' http://www.freerepublic.com/focus/f-news/3205441/posts Never seen a warning like this before. Was using Chrome browser. Malwarebytes and Avast did not warn me of this. False positive maybe? Malware on FR or Google playing nasty with us or what? Went to thread in Pale Moon just now and no warning.

Twice in the past 30 minutes, when executing a link to one of the FreeRepublic posts, Firefox sent me a warning page that the "site" I was going to was a malware threat. In more detail, the notice explained that it gets that threat info from Google, and that FreeRepublic had been identified as a "malware" threat. Who knows if some troll got p-o'd or if WH trolls are involved in having set up the threat notice at Google. I don't know what the mods can do.

Apparently, the feebs have been using malware and the TOR network to snoop on quite a bit more information than one might have suspected. Use the following link here for more info: http://www.wired.com/2014/08/operation_torpedo/

Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, discovered the malware targeting *nix servers. They traced transmissions from compromised computers to two command and control (C&C) servers. So far they have found 1,400 machines that have fallen to the code, with potentially thousands more to come. [...] Mayhem spreads by finding servers hosting websites with a remote...

FireFox 3.0 action: reset to default. Window X3 I copied their URL to post on this thread, if you know any malware protection program which can take care of this kind of malware, please post. First 3 URL come up every time I click. I have CClean. http://cr.gogorithm.com/WLBidRequestHandler?oid=2&width=1200&height=900&pubid=58488&noaop=1&tagid=300157822500000000&revmod=2&born=1401903982&Prof=&BTF=&cb=1404413752629&encoded=1&cirf=http%3A%2F%2Fwww.freerepublic.com%2Ftag%2F*%2Findex http://static.icmwebserv.com/blank4.html#%7B%22ad_type%22%3A%22siteunder%22%2C%22percent%22%3A100%2C%22size%22%3A%5B%7B%22percent%22%3A100%2C%22width%22%3A1200%2C%22height%22%3A900%7D%5D%2C%22max_impressions%22%3A2% http://cdncache1-a.akamaihd.net/pwn.html?u=http%3A%2F%2Fp.txtsrving.info%2Fclick%3Fc%3Dda480a77af4541ad8537a425d5da1aec%26subid%3Dg-605317-b757b08c6b66452f9abd524ffc443982-%26t%3Dhttp%253A%252F%252Fwww.freerepublic.com%252Ffocus%252Ff-chat%252F3175370%252Fposts%26rt%3D1717%26data_tag%3DA%26mk%3DbGF0ZXN0K2FydGljbGVz&n=ld893__da480a77af4541ad8537a425d5da1aec__1404358630&r= http://www.onefloorserve.com/lps/player_lp7.aspx?appId=339032&source=saymedia_1fa&cid=275759&clickid=07_25004824_02eac240-cf93-44d0-ab7b-09bdb01b60d6 http://lp.empire.goodgamestudios.com/?country=us&pid=516&camp=1&gid=12&cid=15489&tid=US

AFP news says: The US security firm Symantec said it identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines. This Stuxnet-like malware attack is likely to be government-sponsored, says Symantec. No word about nuclear power plants. From Security Week quoting AFP (6/30/2014; emphasis is mine): Malware Aims at US, Europe Energy Sector: Researchers WASHINGTON - Cyberattackers, probably state sponsored, have been targeting energy operations in the United States and Europe since 2011 and were capable of causing significant damage, security researchers said Monday. The US security firm Symantec said it identified malware targeting industrial...

iOS Malware Does Exist With our FortiGuard Labs reporting that 96.5% of all mobile malware is Android based it would be easy to see why someone might opt for an iPhone. But, users beware. Don't write off iOS as the secure alternative to Android just yet! Despite, Android malware being nearly an epidemic, or as Tim Cook referenced, "a toxic hellstew", iOS is not immune. Before somebody asks me (again) whether there are any iOS malware or not, I decided to consolidate the information for you. Hope this helps you, and keeps your (i-) phones secure :) (I have marked...

Systems Affected: Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8; Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012. Overview: GameOver Zeus (GOZ), a peer-to-peer (P2P) variant of the Zeus family of bank credential-stealing malware identified in September 2011, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), is releasing this Technical Alert to provide further information about the GameOver Zeus botnet. Description: GOZ, which is often...

Is your smartphone running low on battery for seemingly no reason? Are things taking longer to render or load? Your gadget could be secretly mining bitcoins, thanks to a piece of mobile malware in Google Play that quietly uses an Android phone's processing power, while hiding behind innocuous-seeming wallpaper apps. Lookout Software uncovered the bug, dubbed BadLepricon, after which Google removed five applications that were incorporating it. The apps had between 100 to 500 installs each at the time of removal. "And yes, that is how the malware authors spelled leprechaun," wrote Lookout researcher Meghan Kelly, in a blog detailing...

This week web experts discovered a huge flaw in the security software used by millions of Web sites - including many banks, email and social media services. Some sites have likened the breach to leaving your front door unlocked, and anyone who knows how to open the door can intrude and expose your confidential information. Unfortunately, the fix isn't as simple as locking the door from inside your house. The code vulnerability exists within layers of secure Internet server coding. So how does this affect you?...

Researchers have uncovered an extremely critical vulnerability in recent versions of OpenSSL, a technology that allows millions of Web sites to encrypt communications with visitors. Complicating matters further is the release of a simple exploit that can be used to steal usernames and passwords from vulnerable sites, as well as private keys that sites use to encrypt and decrypt sensitive data.

Its a sad day for the Internet according to Trend Micros security analysts, its been discovered that photographs of both sunsets and  even more heartbreaking  cats being shared across the web contain malware capable of getting into your bank accounts.

Caphaw Trojan Found in Youtube Ads. In Malware, Malware Alerts by steven on February 25, 2014. Last Friday - under the shadow of two critical zero day exploits on Internet Explorer and Adobe Flash - researchers at Bromium Labs discovered malware in an advertising network connected to Youtube. Specific details are yet unknown and the threat has yet to be completely mitigated. As of Friday, Google Security was made aware of the issue and is currently investigating the matter with Bromium. What is Known: The malware being served is a Caphaw banking...

Weve got a new nation-state espionage malware. "The Mask" was discovered by Kaspersky Labs: The primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organizations and activists. Victims of this targeted attack have been found in 31 countries around the world -- from the Middle East and Europe to Africa and the Americas. The main objective of the attackers is to gather sensitive data from the infected systems. These include office documents, but also various encryption keys, VPN configurations, SSH keys (serving as a means of identifying a user to an SSH server) and...

Debacle: U.S. intelligence agencies report that developers linked to the Belarus government helped create the Healthcare.gov website and may have inserted malicious code making it vulnerable to cyberattacks and hacking. The disastrous rollout of Healthcare.gov was bad enough. But as if Americans need another reason to avoid Healthcare.gov, we now hear that the Obama administration, through the Department of Health and Human Services, has indirectly contracted with developers in the worker's paradise of Belarus, a former Soviet republic still closely tied to Russia, to write some of the software code used for the website. The Washington Free Beacon's Bill Gertz...